Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          8upQ9MKgE3xpdUhDlSNRVwc5BmEZCYxRxAH1TKzWRdY=
Subject key identifier:   7A:E1:3E:25:02:CD:64:5A:79:F5:41:A4:70:10:E4:2C:AA:5D:B8:96
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       0196AA306F88BF94ADE1B6B711719EC93F28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0E67
Signing time:             Wed 07 May 2025 10:00:23 +0000
Manifest this update:     Wed 07 May 2025 10:00:23 +0000
Manifest next update:     Thu 08 May 2025 10:00:23 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: xLtqh7qc/G/zVFwGDpQRs81d0gOXZOtr1d472WOzxiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 10:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:30:6f:88:bf:94:ad:e1:b6:b7:11:71:9e:c9:3f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: May  7 10:00:23 2025 GMT
            Not After : May  8 10:00:23 2025 GMT
        Subject: CN=7ae13e2502cd645a79f541a47010e42caa5db896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a3:1c:27:f1:19:e2:17:6c:09:10:66:45:e3:
                    fc:63:de:c9:d4:b0:53:bb:81:37:1d:7b:34:1e:c7:
                    5b:24:79:c2:41:85:10:6b:31:bb:a3:5a:9a:b1:d9:
                    9e:24:ea:c6:ba:c6:5e:ae:4e:24:de:52:b7:a3:47:
                    3b:9d:9f:c4:5d:69:da:bc:c4:22:37:45:bb:7e:16:
                    0e:fa:46:15:59:99:90:44:40:61:73:65:89:48:09:
                    d4:5c:0b:23:3a:f3:e8:b1:47:f9:2b:c8:0f:7b:17:
                    d1:4c:55:29:2f:a5:16:fc:ad:9b:40:1f:95:1d:07:
                    e5:66:27:84:ec:5d:8f:1a:9a:e3:60:cf:81:cf:58:
                    96:95:16:bb:45:a1:ef:ac:5a:79:3a:19:0d:db:3a:
                    12:50:f8:72:b8:6f:54:9f:cd:27:b4:28:72:fe:df:
                    25:96:9d:f8:b1:96:f8:f6:95:8a:dc:65:18:59:72:
                    3b:f3:30:f1:9e:e2:c7:c1:6b:97:9b:48:db:f8:db:
                    51:29:b2:10:f8:6c:65:98:9e:0c:ac:27:71:77:21:
                    ad:98:13:d2:3b:98:18:7e:84:80:92:e2:55:79:af:
                    be:2a:82:a2:03:e5:bc:a5:65:55:d3:89:06:cd:38:
                    f3:10:31:99:6d:e9:b3:44:e3:ad:4d:ce:80:ff:8f:
                    f9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E1:3E:25:02:CD:64:5A:79:F5:41:A4:70:10:E4:2C:AA:5D:B8:96
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:e0:0f:29:7f:93:af:0f:76:6e:6e:3e:18:6c:9f:33:a4:2d:
         8a:7f:13:2c:87:64:91:15:05:59:36:dc:de:48:6f:f9:03:3a:
         d4:a8:07:32:6c:01:3f:a0:51:dc:9d:f9:cf:20:37:19:25:4f:
         88:15:52:4c:08:72:88:c5:94:c6:48:41:ba:4b:df:75:71:2a:
         ab:3d:61:ff:82:28:6e:aa:e2:08:66:b3:7b:ea:1b:ee:19:ff:
         3d:06:01:1a:3a:d9:fd:d8:b6:be:6c:91:58:c9:48:b5:01:6d:
         d6:e1:1c:ae:e6:23:6a:a9:ab:70:bc:f0:85:aa:79:b4:8f:9a:
         d9:e9:e7:6a:70:a1:e9:ec:82:04:5e:18:47:1b:aa:7b:6f:ab:
         86:0a:d4:49:52:16:5a:f9:0d:97:9b:13:7a:db:8b:10:a6:b2:
         64:87:6f:7f:15:e0:9b:cd:7a:49:7b:de:6d:11:0d:66:01:1d:
         4b:ff:c5:24:6f:f5:d7:c6:a9:b1:ed:1b:c8:bb:71:82:fb:4f:
         60:0f:8b:b0:1f:8e:ef:94:97:47:ef:e9:6a:29:c6:ad:bb:84:
         b5:56:69:78:72:21:de:b0:7d:8c:3c:7b:d3:54:e4:13:49:6e:
         e0:89:23:a1:89:5f:77:98:75:c9:89:26:cc:6c:ba:bc:e4:ca:
         60:2c:29:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqMG+Iv5St4ba3EXGeyT8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwNTA3MTAwMDIzWhcNMjUwNTA4MTAwMDIzWjAzMTEwLwYDVQQD
Eyg3YWUxM2UyNTAyY2Q2NDVhNzlmNTQxYTQ3MDEwZTQyY2FhNWRiODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKMcJ/EZ4hdsCRBmReP8Y97J1LBT
u4E3HXs0HsdbJHnCQYUQazG7o1qasdmeJOrGusZerk4k3lK3o0c7nZ/EXWnavMQi
N0W7fhYO+kYVWZmQREBhc2WJSAnUXAsjOvPosUf5K8gPexfRTFUpL6UW/K2bQB+V
HQflZieE7F2PGprjYM+Bz1iWlRa7RaHvrFp5OhkN2zoSUPhyuG9Un80ntChy/t8l
lp34sZb49pWK3GUYWXI78zDxnuLHwWuXm0jb+NtRKbIQ+GxlmJ4MrCdxdyGtmBPS
O5gYfoSAkuJVea++KoKiA+W8pWVV04kGzTjzEDGZbemzROOtTc6A/4/5zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrhPiUCzWRaefVBpHAQ5CyqXbiWMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbuAPKX+T
rw92bm4+GGyfM6Qtin8TLIdkkRUFWTbc3khv+QM61KgHMmwBP6BR3J35zyA3GSVP
iBVSTAhyiMWUxkhBukvfdXEqqz1h/4IobqriCGaze+ob7hn/PQYBGjrZ/di2vmyR
WMlItQFt1uEcruYjaqmrcLzwhap5tI+a2ennanCh6eyCBF4YRxuqe2+rhgrUSVIW
WvkNl5sTetuLEKayZIdvfxXgm816SXvebRENZgEdS//FJG/118apse0byLtxgvtP
YA+LsB+O75SXR+/painGrbuEtVZpeHIh3rB9jDx701TkE0lu4IkjoYlfd5h1yYkm
zGy6vOTKYCwpbA==
-----END CERTIFICATE-----